{"id":"https://openalex.org/W7124433630","doi":"https://doi.org/10.46586/tches.v2026.i1.425-447","title":"Finding Bugs and Features Using Cryptographically-Informed Functional Testing","display_name":"Finding Bugs and Features Using Cryptographically-Informed Functional Testing","publication_year":2026,"publication_date":"2026-01-16","ids":{"openalex":"https://openalex.org/W7124433630","doi":"https://doi.org/10.46586/tches.v2026.i1.425-447"},"language":"en","primary_location":{"id":"doi:10.46586/tches.v2026.i1.425-447","is_oa":true,"landing_page_url":"https://doi.org/10.46586/tches.v2026.i1.425-447","pdf_url":"https://tches.iacr.org/index.php/TCHES/article/download/12688/12370","source":{"id":"https://openalex.org/S4210207404","display_name":"IACR Transactions on Cryptographic Hardware and Embedded Systems","issn_l":"2569-2925","issn":["2569-2925"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IACR Transactions on Cryptographic Hardware and Embedded Systems","raw_type":"journal-article"},"type":"article","indexed_in":["crossref","doaj"],"open_access":{"is_oa":true,"oa_status":"diamond","oa_url":"https://tches.iacr.org/index.php/TCHES/article/download/12688/12370","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5095913380","display_name":"Giacomo Fenzi","orcid":"https://orcid.org/0000-0003-3702-1780"},"institutions":[{"id":"https://openalex.org/I5124864","display_name":"\u00c9cole Polytechnique F\u00e9d\u00e9rale de Lausanne","ror":"https://ror.org/02s376052","country_code":"CH","type":"education","lineage":["https://openalex.org/I2799323385","https://openalex.org/I5124864"]}],"countries":["CH"],"is_corresponding":true,"raw_author_name":"Giacomo Fenzi","raw_affiliation_strings":["Computational Security Lab, EPFL, Lausanne, Switzerland"],"affiliations":[{"raw_affiliation_string":"Computational Security Lab, EPFL, Lausanne, Switzerland","institution_ids":["https://openalex.org/I5124864"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5093718714","display_name":"Jan Gilcher","orcid":null},"institutions":[{"id":"https://openalex.org/I35440088","display_name":"ETH Zurich","ror":"https://ror.org/05a28rw58","country_code":"CH","type":"education","lineage":["https://openalex.org/I2799323385","https://openalex.org/I35440088"]}],"countries":["CH"],"is_corresponding":false,"raw_author_name":"Jan Gilcher","raw_affiliation_strings":["Applied Cryptography Group, ETH Zurich, Zurich, Switzerland"],"affiliations":[{"raw_affiliation_string":"Applied Cryptography Group, ETH Zurich, Zurich, Switzerland","institution_ids":["https://openalex.org/I35440088"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5013503564","display_name":"Fernando Virdia","orcid":"https://orcid.org/0000-0002-0001-2955"},"institutions":[{"id":"https://openalex.org/I28290843","display_name":"University of Surrey","ror":"https://ror.org/00ks66431","country_code":"GB","type":"education","lineage":["https://openalex.org/I28290843"]}],"countries":["GB"],"is_corresponding":false,"raw_author_name":"Fernando Virdia","raw_affiliation_strings":["University of Surrey, Guildford, United Kingdom"],"affiliations":[{"raw_affiliation_string":"University of Surrey, Guildford, United Kingdom","institution_ids":["https://openalex.org/I28290843"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5095913380"],"corresponding_institution_ids":["https://openalex.org/I5124864"],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":{"value":0.24813691,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":"2026","issue":"1","first_page":"425","last_page":"447"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11005","display_name":"Radiation Effects in Electronics","score":0.23880000412464142,"subfield":{"id":"https://openalex.org/subfields/2208","display_name":"Electrical and Electronic Engineering"},"field":{"id":"https://openalex.org/fields/22","display_name":"Engineering"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11005","display_name":"Radiation Effects in Electronics","score":0.23880000412464142,"subfield":{"id":"https://openalex.org/subfields/2208","display_name":"Electrical and Electronic Engineering"},"field":{"id":"https://openalex.org/fields/22","display_name":"Engineering"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12122","display_name":"Physical Unclonable Functions (PUFs) and Hardware Security","score":0.18700000643730164,"subfield":{"id":"https://openalex.org/subfields/1708","display_name":"Hardware and Architecture"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.10300000011920929,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/correctness","display_name":"Correctness","score":0.7556999921798706},{"id":"https://openalex.org/keywords/fuzz-testing","display_name":"Fuzz testing","score":0.7060999870300293},{"id":"https://openalex.org/keywords/cryptography","display_name":"Cryptography","score":0.5698000192642212},{"id":"https://openalex.org/keywords/ciphertext","display_name":"Ciphertext","score":0.5062000155448914},{"id":"https://openalex.org/keywords/implementation","display_name":"Implementation","score":0.5},{"id":"https://openalex.org/keywords/software-bug","display_name":"Software bug","score":0.48420000076293945},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.4814000129699707},{"id":"https://openalex.org/keywords/key","display_name":"Key (lock)","score":0.3837999999523163}],"concepts":[{"id":"https://openalex.org/C55439883","wikidata":"https://www.wikidata.org/wiki/Q360812","display_name":"Correctness","level":2,"score":0.7556999921798706},{"id":"https://openalex.org/C111065885","wikidata":"https://www.wikidata.org/wiki/Q1189053","display_name":"Fuzz testing","level":3,"score":0.7060999870300293},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.696399986743927},{"id":"https://openalex.org/C178489894","wikidata":"https://www.wikidata.org/wiki/Q8789","display_name":"Cryptography","level":2,"score":0.5698000192642212},{"id":"https://openalex.org/C93974786","wikidata":"https://www.wikidata.org/wiki/Q1589480","display_name":"Ciphertext","level":3,"score":0.5062000155448914},{"id":"https://openalex.org/C26713055","wikidata":"https://www.wikidata.org/wiki/Q245962","display_name":"Implementation","level":2,"score":0.5},{"id":"https://openalex.org/C1009929","wikidata":"https://www.wikidata.org/wiki/Q179550","display_name":"Software bug","level":3,"score":0.48420000076293945},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.4814000129699707},{"id":"https://openalex.org/C26517878","wikidata":"https://www.wikidata.org/wiki/Q228039","display_name":"Key (lock)","level":2,"score":0.3837999999523163},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.38339999318122864},{"id":"https://openalex.org/C80444323","wikidata":"https://www.wikidata.org/wiki/Q2878974","display_name":"Theoretical computer science","level":1,"score":0.3776000142097473},{"id":"https://openalex.org/C118463975","wikidata":"https://www.wikidata.org/wiki/Q220849","display_name":"Digital signature","level":3,"score":0.3727000057697296},{"id":"https://openalex.org/C188087704","wikidata":"https://www.wikidata.org/wiki/Q369577","display_name":"Standardization","level":2,"score":0.3700000047683716},{"id":"https://openalex.org/C33884865","wikidata":"https://www.wikidata.org/wiki/Q1254335","display_name":"Cryptographic protocol","level":3,"score":0.36230000853538513},{"id":"https://openalex.org/C203062551","wikidata":"https://www.wikidata.org/wiki/Q201339","display_name":"Public-key cryptography","level":3,"score":0.359499990940094},{"id":"https://openalex.org/C98045186","wikidata":"https://www.wikidata.org/wiki/Q205663","display_name":"Process (computing)","level":2,"score":0.34850001335144043},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.33169999718666077},{"id":"https://openalex.org/C15927051","wikidata":"https://www.wikidata.org/wiki/Q246593","display_name":"Cryptographic primitive","level":4,"score":0.3059999942779541},{"id":"https://openalex.org/C156731835","wikidata":"https://www.wikidata.org/wiki/Q751740","display_name":"Memory leak","level":4,"score":0.303600013256073},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.29429998993873596},{"id":"https://openalex.org/C2779696439","wikidata":"https://www.wikidata.org/wiki/Q7512811","display_name":"Signature (topology)","level":2,"score":0.27410000562667847},{"id":"https://openalex.org/C153180980","wikidata":"https://www.wikidata.org/wiki/Q19776675","display_name":"Commit","level":2,"score":0.2685999870300293}],"mesh":[],"locations_count":3,"locations":[{"id":"doi:10.46586/tches.v2026.i1.425-447","is_oa":true,"landing_page_url":"https://doi.org/10.46586/tches.v2026.i1.425-447","pdf_url":"https://tches.iacr.org/index.php/TCHES/article/download/12688/12370","source":{"id":"https://openalex.org/S4210207404","display_name":"IACR Transactions on Cryptographic Hardware and Embedded Systems","issn_l":"2569-2925","issn":["2569-2925"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IACR Transactions on Cryptographic Hardware and Embedded Systems","raw_type":"journal-article"},{"id":"pmh:doi:10.3929/ethz-c-000795390","is_oa":true,"landing_page_url":"http://hdl.handle.net/20.500.11850/795390","pdf_url":null,"source":{"id":"https://openalex.org/S4406922384","display_name":"Open MIND","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"Journal Article"},{"id":"pmh:oai:infoscience.epfl.ch:20.500.14299/258230","is_oa":true,"landing_page_url":"https://infoscience.epfl.ch/handle/20.500.14299/258230","pdf_url":null,"source":{"id":"https://openalex.org/S4306400487","display_name":"Infoscience (Ecole Polytechnique F\u00e9d\u00e9rale de Lausanne)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"research article"}],"best_oa_location":{"id":"doi:10.46586/tches.v2026.i1.425-447","is_oa":true,"landing_page_url":"https://doi.org/10.46586/tches.v2026.i1.425-447","pdf_url":"https://tches.iacr.org/index.php/TCHES/article/download/12688/12370","source":{"id":"https://openalex.org/S4210207404","display_name":"IACR Transactions on Cryptographic Hardware and Embedded Systems","issn_l":"2569-2925","issn":["2569-2925"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IACR Transactions on Cryptographic Hardware and Embedded Systems","raw_type":"journal-article"},"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":true},"content_urls":{"pdf":"https://content.openalex.org/works/W7124433630.pdf"},"referenced_works_count":0,"referenced_works":[],"related_works":[],"abstract_inverted_index":{"In":[0,72],"2018,":[1],"Mouha":[2],"et":[3],"al.":[4],"(IEEE":[5],"Trans.":[6],"Reliability,":[7],"2018)":[8],"performed":[9],"a":[10,32,56,169],"postmortem":[11],"investigation":[12],"of":[13,16,35,39,52,63,67,96,100,109,148],"the":[14,21,40,50,68,97,110],"correctness":[15],"reference":[17],"implementations":[18,69,105],"submitted":[19],"to":[20,48,79,103,131],"SHA3":[22],"competition":[23],"run":[24,116],"by":[25,59,117],"NIST,":[26],"finding":[27],"previously":[28],"unidentified":[29],"bugs":[30,54,126],"in":[31,55,138,185],"significant":[33],"portion":[34],"them,":[36],"including":[37],"two":[38],"five":[41],"finalists.":[42],"Their":[43],"innovative":[44],"approach":[45,78],"allowed":[46],"them":[47],"identify":[49,120],"presence":[51],"such":[53,134],"black-box":[57],"manner,":[58],"searching":[60],"for":[61],"counterexamples":[62],"expected":[64],"cryptographic":[65,132],"properties":[66],"under":[70],"test.":[71],"this":[73,166],"work,":[74],"we":[75,164],"extend":[76],"their":[77],"key":[80],"encapsulation":[81],"mechanisms":[82],"(KEMs)":[83],"and":[84,150,175,188],"digital":[85],"signature":[86],"schemes":[87,102],"(DSSs).":[88],"We":[89,119,143],"perform":[90],"our":[91],"tests":[92],"on":[93],"multiple":[94,121],"versions":[95],"LibOQS":[98,174],"collection":[99],"post-quantum":[101],"capture":[104],"at":[106],"different":[107],"points":[108],"recent":[111],"Post-Quantum":[112],"Cryptography":[113],"Standardization":[114],"Process":[115],"NIST.":[118],"bugs,":[122,133],"ranging":[123],"from":[124],"software":[125,187],"(segmentation":[127],"faults,":[128],"memory":[129],"overflows)":[130],"as":[135],"ciphertext":[136],"malleability":[137],"KEMs":[139,149],"claiming":[140],"IND-CCA":[141],"security.":[142],"also":[144],"observe":[145],"various":[146],"features":[147],"DSSs":[151],"that":[152,178],"do":[153],"not":[154],"contradict":[155],"any":[156],"security":[157],"guarantees":[158],"but":[159],"could":[160],"appear":[161,182],"counter-intuitive.":[162],"Finally,":[163],"compare":[165],"methodology":[167],"with":[168],"traditional":[170,179],"fuzzing":[171,180],"campaign":[172],"against":[173],"SUPERCOP,":[176],"observing":[177],"harnesses":[181],"less":[183],"effective":[184],"surfacing":[186],"logical":[189],"bugs.":[190]},"counts_by_year":[],"updated_date":"2026-01-19T04:01:09.351973","created_date":"2026-01-17T00:00:00"}